wispy-cli 2.7.11 → 2.7.13

package/lib/commands/review.mjs

@@ -0,0 +1,272 @@
+/**
+ * lib/commands/review.mjs — Code review mode for Wispy
+ *
+ * wispy review                       Review uncommitted changes
+ * wispy review --base <branch>       Review against base branch
+ * wispy review --commit <sha>        Review specific commit
+ * wispy review --title <title>       Add context title
+ * wispy review --json                Output as JSON
+ */
+
+import { execSync } from "node:child_process";
+import path from "node:path";
+import { WispyEngine } from "../../core/engine.mjs";
+
+const CODE_REVIEW_SYSTEM_PROMPT = `You are a senior code reviewer. Analyze the following diff and provide:
+1. A brief summary of the changes
+2. Issues found, categorized by severity (critical, warning, info)
+3. Specific line-level comments with suggestions
+4. An overall assessment (approve, request-changes, comment)
+
+Be constructive and specific. Reference line numbers when possible.
+
+Format your response as follows:
+## Summary
+[Brief summary of what changed]
+
+## Issues Found
+### Critical
+[List critical issues, or "None" if clean]
+
+### Warnings
+[List warnings, or "None"]
+
+### Info
+[List informational notes, or "None"]
+
+## File Comments
+[File-by-file comments with line references]
+
+## Assessment
+**Verdict:** [approve | request-changes | comment]
+[Brief overall assessment]`;
+
+/**
+ * Get git diff based on options.
+ */
+function getDiff(options = {}) {
+  const { base, commit, staged, cwd = process.cwd() } = options;
+  const execOpts = { cwd, stdio: ["ignore", "pipe", "pipe"], encoding: "utf8" };
+
+  let diff = "";
+
+  if (commit) {
+    // Review a specific commit
+    try {
+      diff = execSync(`git show ${commit}`, execOpts);
+    } catch (err) {
+      throw new Error(`Failed to get commit ${commit}: ${err.stderr?.slice(0, 200) ?? err.message}`);
+    }
+  } else if (base) {
+    // Review changes since base branch
+    try {
+      diff = execSync(`git diff ${base}...HEAD`, execOpts);
+    } catch (err) {
+      throw new Error(`Failed to diff against ${base}: ${err.stderr?.slice(0, 200) ?? err.message}`);
+    }
+  } else {
+    // Default: all uncommitted changes (staged + unstaged + untracked summary)
+    try {
+      const stageDiff = execSync("git diff --cached", execOpts);
+      const unstaged = execSync("git diff", execOpts);
+      diff = [stageDiff, unstaged].filter(Boolean).join("\n");
+
+      // Also include untracked file names if any
+      try {
+        const untracked = execSync("git ls-files --others --exclude-standard", execOpts).trim();
+        if (untracked) {
+          diff += `\n\n# Untracked files:\n${untracked.split("\n").map(f => `# + ${f}`).join("\n")}`;
+        }
+      } catch {}
+    } catch (err) {
+      throw new Error(`Failed to get git diff: ${err.stderr?.slice(0, 200) ?? err.message}`);
+    }
+  }
+
+  return diff.trim();
+}
+
+/**
+ * Get some context about the repo.
+ */
+function getRepoContext(cwd = process.cwd()) {
+  const execOpts = { cwd, stdio: ["ignore", "pipe", "pipe"], encoding: "utf8" };
+  const context = {};
+
+  try {
+    context.branch = execSync("git rev-parse --abbrev-ref HEAD", execOpts).trim();
+  } catch {}
+
+  try {
+    context.lastCommit = execSync("git log -1 --pretty=%B", execOpts).trim().slice(0, 200);
+  } catch {}
+
+  try {
+    const stat = execSync("git diff --stat", execOpts).trim();
+    context.stat = stat.slice(0, 500);
+  } catch {}
+
+  return context;
+}
+
+/**
+ * Parse the AI review response into structured JSON.
+ */
+function parseReviewResponse(text) {
+  const result = {
+    summary: "",
+    issues: { critical: [], warning: [], info: [] },
+    fileComments: [],
+    assessment: { verdict: "comment", explanation: "" },
+    raw: text,
+  };
+
+  // Extract summary
+  const summaryMatch = text.match(/## Summary\n([\s\S]*?)(?=##|$)/);
+  if (summaryMatch) result.summary = summaryMatch[1].trim();
+
+  // Extract issues
+  const criticalMatch = text.match(/### Critical\n([\s\S]*?)(?=###|##|$)/);
+  if (criticalMatch) {
+    const content = criticalMatch[1].trim();
+    if (content && content.toLowerCase() !== "none") {
+      result.issues.critical = content.split("\n").filter(l => l.trim() && l.trim() !== "-").map(l => l.replace(/^[-*•]\s*/, "").trim());
+    }
+  }
+
+  const warningsMatch = text.match(/### Warning[s]?\n([\s\S]*?)(?=###|##|$)/);
+  if (warningsMatch) {
+    const content = warningsMatch[1].trim();
+    if (content && content.toLowerCase() !== "none") {
+      result.issues.warning = content.split("\n").filter(l => l.trim() && l.trim() !== "-").map(l => l.replace(/^[-*•]\s*/, "").trim());
+    }
+  }
+
+  const infoMatch = text.match(/### Info\n([\s\S]*?)(?=###|##|$)/);
+  if (infoMatch) {
+    const content = infoMatch[1].trim();
+    if (content && content.toLowerCase() !== "none") {
+      result.issues.info = content.split("\n").filter(l => l.trim() && l.trim() !== "-").map(l => l.replace(/^[-*•]\s*/, "").trim());
+    }
+  }
+
+  // Extract assessment
+  const assessmentMatch = text.match(/## Assessment\n([\s\S]*?)(?=##|$)/);
+  if (assessmentMatch) {
+    const assessText = assessmentMatch[1].trim();
+    const verdictMatch = assessText.match(/\*\*Verdict:\*\*\s*(approve|request-changes|comment)/i);
+    if (verdictMatch) result.assessment.verdict = verdictMatch[1].toLowerCase();
+    result.assessment.explanation = assessText.replace(/\*\*Verdict:\*\*[^\n]*\n?/, "").trim();
+  }
+
+  return result;
+}
+
+/**
+ * Main review handler.
+ */
+export async function handleReviewCommand(args = []) {
+  // Parse args
+  const options = {
+    base: null,
+    commit: null,
+    title: null,
+    json: false,
+    cwd: process.cwd(),
+  };
+
+  for (let i = 0; i < args.length; i++) {
+    if (args[i] === "--base" && args[i + 1]) { options.base = args[++i]; }
+    else if (args[i] === "--commit" && args[i + 1]) { options.commit = args[++i]; }
+    else if (args[i] === "--title" && args[i + 1]) { options.title = args[++i]; }
+    else if (args[i] === "--json") { options.json = true; }
+  }
+
+  // Check git
+  try {
+    execSync("git rev-parse --is-inside-work-tree", {
+      cwd: options.cwd, stdio: ["ignore", "pipe", "pipe"],
+    });
+  } catch {
+    console.error("❌ Not inside a git repository.");
+    process.exit(1);
+  }
+
+  // Get the diff
+  let diff;
+  try {
+    diff = getDiff(options);
+  } catch (err) {
+    console.error(`❌ ${err.message}`);
+    process.exit(1);
+  }
+
+  if (!diff) {
+    console.log("✅ Nothing to review — no changes found.");
+    process.exit(0);
+  }
+
+  const context = getRepoContext(options.cwd);
+
+  // Build review prompt
+  let prompt = "";
+  if (options.title) prompt += `# ${options.title}\n\n`;
+  if (context.branch) prompt += `**Branch:** \`${context.branch}\`\n`;
+  if (options.base) prompt += `**Review type:** Changes since \`${options.base}\`\n`;
+  if (options.commit) prompt += `**Commit:** \`${options.commit}\`\n`;
+  if (context.stat) prompt += `\n**Stats:**\n\`\`\`\n${context.stat}\n\`\`\`\n`;
+  prompt += `\n**Diff:**\n\`\`\`diff\n${diff.slice(0, 50_000)}\n\`\`\``;
+
+  if (diff.length > 50_000) {
+    prompt += `\n\n*(diff truncated — ${diff.length} chars total)*`;
+  }
+
+  // Show what we're reviewing
+  if (!options.json) {
+    if (options.commit) {
+      console.log(`\n🔍 Reviewing commit ${options.commit}...`);
+    } else if (options.base) {
+      console.log(`\n🔍 Reviewing changes since ${options.base}...`);
+    } else {
+      console.log("\n🔍 Reviewing uncommitted changes...");
+    }
+    if (context.stat) {
+      console.log(`\n${context.stat}\n`);
+    }
+    process.stdout.write("🌿 ");
+  }
+
+  // Send to AI
+  let reviewText = "";
+  try {
+    const engine = new WispyEngine();
+    const initResult = await engine.init({ skipMcp: true });
+    if (!initResult) {
+      console.error("❌ No AI provider configured. Set an API key to use code review.");
+      process.exit(1);
+    }
+
+    const response = await engine.processMessage(null, prompt, {
+      systemPrompt: CODE_REVIEW_SYSTEM_PROMPT,
+      onChunk: options.json ? null : (chunk) => process.stdout.write(chunk),
+      noSave: true,
+      skipSkillCapture: true,
+      skipUserModel: true,
+    });
+
+    reviewText = response.content;
+    try { engine.destroy(); } catch {}
+  } catch (err) {
+    console.error(`❌ Review failed: ${err.message}`);
+    process.exit(1);
+  }
+
+  if (!options.json) {
+    console.log("\n");
+    return;
+  }
+
+  // JSON output
+  const structured = parseReviewResponse(reviewText);
+  console.log(JSON.stringify(structured, null, 2));
+}

package/lib/commands/trust.mjs

@@ -319,6 +319,58 @@ export async function cmdTrustReceipt(id) {
   console.log("");
 }
 
+export async function cmdTrustApprovals(subArgs = []) {
+  const { globalAllowlist } = await import("../../core/harness.mjs");
+  const action = subArgs[0];
+
+  if (!action || action === "list") {
+    const list = await globalAllowlist.getAll();
+    console.log(`\n${bold("🔐 Approval Allowlist")} ${dim("(auto-approved patterns)")}\n`);
+    let empty = true;
+    for (const [tool, patterns] of Object.entries(list)) {
+      if (patterns.length === 0) continue;
+      empty = false;
+      console.log(`  ${cyan(tool)}:`);
+      for (const p of patterns) {
+        console.log(`    ${dim("•")} ${p}`);
+      }
+    }
+    if (empty) {
+      console.log(dim("  No patterns configured."));
+    }
+    console.log(dim("\n  Manage: wispy trust approvals add <tool> <pattern>"));
+    console.log(dim("           wispy trust approvals clear"));
+    console.log(dim("           wispy trust approvals reset\n"));
+    return;
+  }
+
+  if (action === "add") {
+    const tool = subArgs[1];
+    const pattern = subArgs[2];
+    if (!tool || !pattern) {
+      console.log(yellow("Usage: wispy trust approvals add <tool> <pattern>"));
+      return;
+    }
+    await globalAllowlist.add(tool, pattern);
+    console.log(`${green("✅")} Added pattern for ${cyan(tool)}: ${pattern}`);
+    return;
+  }
+
+  if (action === "clear") {
+    await globalAllowlist.clear();
+    console.log(green("✅ Allowlist cleared."));
+    return;
+  }
+
+  if (action === "reset") {
+    await globalAllowlist.reset();
+    console.log(green("✅ Allowlist reset to defaults."));
+    return;
+  }
+
+  console.log(yellow(`Unknown approvals action: ${action}. Use: list, add, clear, reset`));
+}
+
 export async function handleTrustCommand(args) {
   const sub = args[1];
 
@@ -405,6 +457,7 @@ export async function handleTrustCommand(args) {
   if (sub === "log") return cmdTrustLog(args.slice(2));
   if (sub === "replay") return cmdTrustReplay(args[2]);
   if (sub === "receipt") return cmdTrustReceipt(args[2]);
+  if (sub === "approvals") return cmdTrustApprovals(args.slice(2));
 
   console.log(`
 ${bold("🔐 Trust Commands")}
@@ -414,5 +467,9 @@ ${bold("🔐 Trust Commands")}
   wispy trust log                          ${dim("show audit log")}
   wispy trust replay <session-id>          ${dim("replay session step by step")}
   wispy trust receipt <session-id>         ${dim("show execution receipt")}
+  wispy trust approvals                    ${dim("list approval allowlist")}
+  wispy trust approvals add <tool> <pat>   ${dim("add an allowlist pattern")}
+  wispy trust approvals clear              ${dim("clear all allowlist patterns")}
+  wispy trust approvals reset              ${dim("reset allowlist to defaults")}
 `);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wispy-cli",
-  "version": "2.7.11",
+  "version": "2.7.13",
   "description": "🌿 Wispy — AI workspace assistant with trustworthy execution (harness, receipts, approvals, diffs)",
   "license": "MIT",
   "author": "Minseo & Poropo",